PttCodingMan
diff --git a/‎.env.example‎
Lines changed: 19 additions & 0 deletions b/‎.env.example‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 10 additions & 0 deletions b/‎.gitignore‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎Makefile‎
Lines changed: 41 additions & 0 deletions b/‎Makefile‎
Lines changed: 41 additions & 0 deletions
diff --git a/‎backend/Dockerfile‎
Lines changed: 11 additions & 0 deletions b/‎backend/Dockerfile‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎backend/app/__init__.py‎ b/‎backend/app/__init__.py‎
diff --git a/‎backend/app/auth.py‎
Lines changed: 86 additions & 0 deletions b/‎backend/app/auth.py‎
Lines changed: 86 additions & 0 deletions
diff --git a/‎backend/app/config.py‎
Lines changed: 26 additions & 0 deletions b/‎backend/app/config.py‎
Lines changed: 26 additions & 0 deletions
@@ -0,0 +1,19 @@
+# ── 基本 ──
+SECRET_KEY=change-me-to-random-string
+ADMIN_USER=admin
+ADMIN_PASS=admin
+
+# ── 路徑 ──
+DATA_DIR=./data
+DB_PATH=./data/just-wiki.db
+MEDIA_DIR=./data/media
+
+# ── Frontend ──
+VITE_API_URL=http://localhost:8000
+
+# ── AI (Phase 5, 可選) ──
+GEMINI_API_KEY=
+AI_ENABLED=false
+
+# ── Webhook (Phase 7, 可選) ──
+WEBHOOK_URLS=
@@ -0,0 +1,10 @@
+data/
+*.db
+__pycache__/
+*.pyc
+.venv/
+node_modules/
+dist/
+.env
+*.egg-info/
+.DS_Store
@@ -0,0 +1,41 @@
+.PHONY: dev dev-backend dev-frontend build backup clean
+
+dev:
+	@echo "Starting backend and frontend..."
+	@make dev-backend &
+	@make dev-frontend
+
+dev-backend:
+	cd backend && source .venv/bin/activate && PYTHON_GIL=1 uvicorn app.main:app --reload --port 8000
+
+dev-frontend:
+	cd frontend && npm run dev
+
+build:
+	cd frontend && npm run build
+
+backup:
+	@mkdir -p backup
+	cp data/just-wiki.db backup/just-wiki-$$(date +%Y%m%d_%H%M%S).db
+	@echo "Backup complete"
+
+clean:
+	rm -f data/just-wiki.db
+	rm -rf data/media/*
+	rm -rf frontend/dist
+	@echo "Cleaned"
+
+docker-up:
+	docker-compose up -d
+
+docker-down:
+	docker-compose down
+
+setup:
+	@echo "Setting up backend..."
+	cd backend && uv venv && source .venv/bin/activate && uv pip install -r requirements.txt
+	@echo "Setting up frontend..."
+	cd frontend && npm install
+	@echo "Creating .env..."
+	cp -n .env.example .env || true
+	@echo "Done! Run 'make dev' to start."
@@ -0,0 +1,11 @@
+FROM python:3.12-slim
+
+WORKDIR /app
+
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+COPY . .
+
+EXPOSE 8000
+CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]
@@ -0,0 +1,86 @@
+from datetime import datetime, timedelta, timezone
+from fastapi import Depends, HTTPException, status, Request
+from jose import JWTError, jwt
+import bcrypt
+
+from app.config import settings
+from app.database import get_db
+
+ALGORITHM = "HS256"
+TOKEN_EXPIRE_HOURS = 24
+
+
+def hash_password(password: str) -> str:
+    return bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
+
+
+def verify_password(password: str, hashed: str) -> bool:
+    return bcrypt.checkpw(password.encode(), hashed.encode())
+
+
+def create_token(user_id: int, username: str, role: str) -> str:
+    expire = datetime.now(timezone.utc) + timedelta(hours=TOKEN_EXPIRE_HOURS)
+    payload = {
+        "sub": str(user_id),
+        "username": username,
+        "role": role,
+        "exp": expire,
+    }
+    return jwt.encode(payload, settings.SECRET_KEY, algorithm=ALGORITHM)
+
+
+async def get_current_user(request: Request):
+    token = None
+
+    # Check Authorization header
+    auth_header = request.headers.get("Authorization")
+    if auth_header and auth_header.startswith("Bearer "):
+        token = auth_header[7:]
+
+    # Check cookie
+    if not token:
+        token = request.cookies.get("token")
+
+    if not token:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Not authenticated",
+        )
+
+    try:
+        payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[ALGORITHM])
+        user_id = int(payload["sub"])
+    except (JWTError, KeyError, ValueError):
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid token",
+        )
+
+    db = await get_db()
+    row = await db.execute_fetchall(
+        "SELECT id, username, role FROM users WHERE id = ?", (user_id,)
+    )
+    if not row:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="User not found",
+        )
+    return dict(row[0])
+
+
+async def require_admin(user=Depends(get_current_user)):
+    if user["role"] != "admin":
+        raise HTTPException(status_code=403, detail="Admin required")
+    return user
+
+
+async def ensure_admin_exists():
+    db = await get_db()
+    rows = await db.execute_fetchall("SELECT id FROM users WHERE role = 'admin'")
+    if not rows:
+        pw_hash = hash_password(settings.ADMIN_PASS)
+        await db.execute(
+            "INSERT INTO users (username, password_hash, role) VALUES (?, ?, 'admin')",
+            (settings.ADMIN_USER, pw_hash),
+        )
+        await db.commit()
@@ -0,0 +1,26 @@
+from pydantic_settings import BaseSettings
+from pathlib import Path
+
+
+class Settings(BaseSettings):
+    SECRET_KEY: str = "change-me-to-random-string"
+    ADMIN_USER: str = "admin"
+    ADMIN_PASS: str = "admin"
+
+    DATA_DIR: str = "./data"
+    DB_PATH: str = "./data/just-wiki.db"
+    MEDIA_DIR: str = "./data/media"
+
+    VITE_API_URL: str = "http://localhost:8000"
+
+    AI_ENABLED: bool = False
+    GEMINI_API_KEY: str = ""
+
+    model_config = {"env_file": ".env", "env_file_encoding": "utf-8"}
+
+
+settings = Settings()
+
+# Ensure directories exist
+Path(settings.DATA_DIR).mkdir(parents=True, exist_ok=True)
+Path(settings.MEDIA_DIR).mkdir(parents=True, exist_ok=True)